PT-2019-17513 · Huawei · Huawei Share+1
Wen Guanxing
·
Publicado
2019-07-10
·
Atualizado
2019-07-18
·
CVE-2019-5221
CVSS v3.1
6.5
Média
| Vetor | AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Huawei Mate 20 X versions earlier than 9.1.0.300(C432E3R1P12)
Huawei Mate 20 X versions earlier than 9.1.0.300(C636E3R2P1)
Huawei Mate 20 X versions earlier than 9.1.0.300(C185E3R3P1)
Description
The issue is related to a path traversal vulnerability in Huawei Share. It occurs because the software does not properly validate file paths. An attacker could exploit this by crafting a file path when transporting files through Huawei Share, potentially allowing them to transport a file to an arbitrary path on the phone.
Recommendations
For versions earlier than 9.1.0.300(C432E3R1P12), update to version 9.1.0.300(C432E3R1P12) or later.
For versions earlier than 9.1.0.300(C636E3R2P1), update to version 9.1.0.300(C636E3R2P1) or later.
For versions earlier than 9.1.0.300(C185E3R3P1), update to version 9.1.0.300(C185E3R3P1) or later.
Correção
Path traversal
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Huawei Mate 20
Huawei Share